#windows

rukovoditel version 3.2.1 suffers from a cross site scripting vulnerability.

ReQlogic version 11.3 suffers from a cross site scripting vulnerability.

Moodle LMS version 4.0 suffers from a cross site scripting vulnerability.

Tunnel Interface Driver suffers from a denial of service vulnerability.

OPSWAT Metadefender Core version 4.21.1 suffers from a privilege escalation vulnerability.

X-Skipper-Proxy version 0.13.237 suffers from a server-side request forgery vulnerability.

Subrion CMS version 4.2.1 suffers from a persistent cross site scripting vulnerability.

Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion.

MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /database/sqldel.html.

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification.